Libxml2 Becomes Officially Unmaintained After Maintainer Steps Down (de facto standard XML and HTML parsing library)

R

rte66

linuxiac.com

Libxml2 Becomes Officially Unmaintained After Maintainer Steps Down

Libxml2 is now officially unmaintained after its long-time maintainer stepped down, leaving the widely used XML library without active development.
linuxiac.com linuxiac.com

I checked my filesystem and I have this in my stock FreeBSD 4.3 system. The article said this is a huge core library on a lot of systems. The article also describes security issues.

Quote from article: "First, libxml2 is the de facto standard XML and HTML parsing library in the open-source world."

Is this libxml2 library the same one that is in FreeBSD?
 
rte66 said:
I checked my filesystem and I have this in my stock FreeBSD 4.3 system.
Click to expand...
Hopefully you mean 14.3... Otherwise, holy time machine, Batman!

rte66 said:
The article also describes security issues.
Click to expand...
Yeah, it sounds like the maintainer was fatigued by these endless "issues" found by "security" researchers looking to make a name for themselves:
libxml2 has never been safe to use with untrusted input. It doesn't help to pretend otherwise.
Click to expand...
gitlab.gnome.org

Make the XML parser O(n) (#346) · Issues · GNOME / libxml2 · GitLab

The execution time of the XML parser should be guaranteed to scale linearly with the size of the input (or the size of the output if entities are...
gitlab.gnome.org

rte66 said:
Is this libxml2 library the same one that is in FreeBSD?
Click to expand...
Yes. The link in Freshports redirects to https://gitlab.gnome.org/GNOME/libxml2/-/wikis/home
It's the same project.
 
You must log in or register to reply here.
Back
Top